Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/YP3vWcvWd7FaHBsv8ntSbPmLqPM.roa
File: YP3vWcvWd7FaHBsv8ntSbPmLqPM.roa (raw, json)
Hash identifier: LdPJjJJejQQ1FBR3L7MxGK1q25Om0kbaDxaROih27Rg=
Subject key identifier: 60:FD:EF:59:CB:D6:77:B1:5A:1C:1B:2F:F2:7B:52:6C:F9:8B:A8:F3
Certificate issuer: /CN=d50cda48c35e54eb802575aaa408cce579927216
Certificate serial: 018C4A4368CBB9BFC5B7F65DDF3C1D082FC7
Authority key identifier: D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/YP3vWcvWd7FaHBsv8ntSbPmLqPM.roa
Signing time: Fri 08 Dec 2023 16:29:40 +0000
ROA not before: Fri 08 Dec 2023 16:29:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 217.12.224.0/22 maxlen: 28
217.12.234.0/23 maxlen: 28
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:43:68:cb:b9:bf:c5:b7:f6:5d:df:3c:1d:08:2f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50cda48c35e54eb802575aaa408cce579927216
Validity
Not Before: Dec 8 16:29:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60fdef59cbd677b15a1c1b2ff27b526cf98ba8f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6f:59:25:94:1a:29:f2:07:1e:6d:2d:64:b9:
cc:e7:50:50:94:f9:01:bc:bd:48:70:a6:2d:18:45:
1e:eb:21:4e:b0:b7:ae:70:23:c0:80:99:d7:21:4c:
84:22:62:1d:c7:d3:80:aa:d0:e0:17:da:63:c9:fd:
17:a7:fc:d4:da:b9:01:5b:b1:8f:a9:b9:9f:09:13:
18:27:5a:cb:a0:c1:a3:a0:ef:b8:51:11:b7:54:62:
21:d6:2a:a2:c1:d5:9b:58:b9:d0:50:65:1c:90:7f:
2c:ab:5e:1d:5f:48:47:de:9c:f7:45:54:24:3e:a2:
b5:43:2c:7f:6e:e7:6c:7f:f7:09:7f:7a:91:78:bb:
8f:ff:d8:00:01:84:85:04:54:bc:54:66:ff:ec:44:
dc:04:47:32:65:5d:f4:b7:9d:dd:45:52:7f:0c:fd:
04:4f:76:5b:f9:b5:1a:87:9a:dd:0e:de:4f:17:94:
3d:29:f2:76:8e:0a:83:51:3a:fe:b3:9f:23:01:0f:
f7:cf:1f:31:68:47:39:19:cc:cd:20:e5:a7:d6:e2:
c6:0f:7c:64:69:e0:29:ea:b6:d1:69:03:e0:aa:db:
36:c5:31:74:5e:20:95:3a:ca:e0:74:dc:dd:e9:49:
2d:96:ee:e6:1c:2b:87:8a:ca:ed:c3:c2:67:9b:58:
ca:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FD:EF:59:CB:D6:77:B1:5A:1C:1B:2F:F2:7B:52:6C:F9:8B:A8:F3
X509v3 Authority Key Identifier:
keyid:D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/YP3vWcvWd7FaHBsv8ntSbPmLqPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/1QzaSMNeVOuAJXWqpAjM5XmSchY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.224.0/22
217.12.234.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:c0:e9:c7:18:31:82:1a:85:7a:95:32:59:56:cf:20:02:ac:
e4:d5:de:3b:e1:a7:f3:b0:e9:f5:4d:4e:dd:d9:b1:c8:46:06:
ef:c4:36:c3:7f:35:01:e6:42:b7:a5:c3:7a:07:4c:96:bb:58:
2f:b3:a8:4d:00:1c:06:8a:a9:29:e7:a0:dc:3c:8c:82:3b:64:
b0:39:cf:74:38:61:07:17:f9:37:07:1a:89:bf:ef:b9:1a:e0:
3f:e5:81:29:ca:0a:00:dd:57:04:d1:0c:b0:f0:43:0b:13:1d:
31:4e:59:df:57:78:f4:46:c7:c4:a4:0a:5a:7f:24:50:34:20:
a5:2c:93:2d:ce:54:9e:6b:26:fc:8b:67:b5:2a:2f:c4:ac:1d:
9e:15:f7:88:4c:9f:41:d2:0f:2f:70:c6:9a:a4:43:4b:fa:98:
80:de:44:94:21:7d:b2:cc:54:7c:f0:5e:94:be:fb:df:50:a0:
c9:6f:39:cc:e4:97:5d:c5:44:35:06:90:75:5d:d9:5e:7a:55:
28:a7:92:34:88:51:9c:27:4e:c6:de:fe:ae:cc:4e:6e:68:08:
ea:a1:70:02:37:e4:e2:87:8b:cf:9d:9d:e2:f5:ec:9b:80:b6:
5f:26:34:f1:30:d6:55:bf:ef:a7:12:18:01:0a:e2:3d:30:1d:
19:fc:ce:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxKQ2jLub/Ft/Zd3zwdCC/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MGNkYTQ4YzM1ZTU0ZWI4MDI1NzVhYWE0MDhjY2U1Nzk5
MjcyMTYwHhcNMjMxMjA4MTYyOTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGZkZWY1OWNiZDY3N2IxNWExYzFiMmZmMjdiNTI2Y2Y5OGJhOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkm9ZJZQaKfIHHm0tZLnM51BQlPkB
vL1IcKYtGEUe6yFOsLeucCPAgJnXIUyEImIdx9OAqtDgF9pjyf0Xp/zU2rkBW7GP
qbmfCRMYJ1rLoMGjoO+4URG3VGIh1iqiwdWbWLnQUGUckH8sq14dX0hH3pz3RVQk
PqK1Qyx/budsf/cJf3qReLuP/9gAAYSFBFS8VGb/7ETcBEcyZV30t53dRVJ/DP0E
T3Zb+bUah5rdDt5PF5Q9KfJ2jgqDUTr+s58jAQ/3zx8xaEc5GczNIOWn1uLGD3xk
aeAp6rbRaQPgqts2xTF0XiCVOsrgdNzd6Uktlu7mHCuHisrtw8Jnm1jKGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGD971nL1nexWhwbL/J7Umz5i6jzMB8GA1UdIwQY
MBaAFNUM2kjDXlTrgCV1qqQIzOV5knIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWIt
MjI5MjA1NjVjZGE0LzEvWVAzdldjdldkN0ZhSEJzdjhudFNiUG1McVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWItMjI5MjA1NjVjZGE0
LzEvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC2QzgAwQB
2QzqMA0GCSqGSIb3DQEBCwUAA4IBAQAtwOnHGDGCGoV6lTJZVs8gAqzk1d474afz
sOn1TU7d2bHIRgbvxDbDfzUB5kK3pcN6B0yWu1gvs6hNABwGiqkp56DcPIyCO2Sw
Oc90OGEHF/k3BxqJv++5GuA/5YEpygoA3VcE0Qyw8EMLEx0xTlnfV3j0RsfEpApa
fyRQNCClLJMtzlSeayb8i2e1Ki/ErB2eFfeITJ9B0g8vcMaapENL+piA3kSUIX2y
zFR88F6UvvvfUKDJbznM5JddxUQ1BpB1XdleelUop5I0iFGcJ07G3v6uzE5uaAjq
oXACN+Tih4vPnZ3i9eybgLZfJjTxMNZVv++nEhgBCuI9MB0Z/M4e
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:32 2024 by rpki-client on console-ams.rpki-client.org